290cq.com Open in urlscan Pro
185.239.86.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://290cq.com/
Submission: On August 16 via api (August 16th 2024, 2:15:25 am UTC) from BE — Scanned from DE

Summary HTTP 19 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 185.239.86.74, located in Hong Kong and belongs to CLOUDIE-AS-AP Cloudie Limited, HK. The main domain is 290cq.com.

This is the only time 290cq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	185.239.86.74 185.239.86.74	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
3 6	123.129.217.117 123.129.217.117	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	14.215.182.140 14.215.182.140	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	2600:9000:223... 2600:9000:223d:5e00:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:272... 2600:9000:2724:f400:12:30a1:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	171.8.167.89 171.8.167.89	137687 (CHINATELE...) (CHINATELECOM-HENAN-LUOYANG-IDC Luoyang)
19	6

11 185.239.86.74 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)
PTR: visit.keznews.com

290cq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 123.129.217.117 (Dongying, China) 3 redirects

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

www.51cr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:5e00:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2724:f400:12:30a1:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 171.8.167.89 (Zhengzhou, China)

ASN137687 (CHINATELECOM-HENAN-LUOYANG-IDC Luoyang, Henan Province, P.R.China., CN)
PTR: 8.171.broad.ha.dynamic.163data.com.cn

s.360.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	290cq.com 290cq.com	624 KB
6	51cr.com 3 redirects www.51cr.com	2 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8226	12 KB
1	360.cn s.360.cn — Cisco Umbrella Rank: 22196	240 B
1	qhres2.com s.ssl.qhres2.com — Cisco Umbrella Rank: 89180	943 B
1	qhimg.com jspassport.ssl.qhimg.com — Cisco Umbrella Rank: 111373	480 B
19	6

	Domain	Requested by
11	290cq.com	290cq.com
6	www.51cr.com	3 redirects 290cq.com
2	hm.baidu.com	290cq.com
1	s.360.cn	290cq.com
1	s.ssl.qhres2.com	jspassport.ssl.qhimg.com
1	jspassport.ssl.qhimg.com	290cq.com
19	6

This site contains links to these domains. Also see Links.

Domain
288dnf.com
www.288dnf.com
wwd.lanzouj.com
h5-share87.huaihugame.com
h5-quwan.ezjld.com
www.51cr.com

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.ssl.qhimg.com WoTrus DV Server CA [Run by the Issuer]	`2024-03-05` - `2025-04-05`	a year	crt.sh
*.ssl.qhres2.com WoTrus DV Server CA [Run by the Issuer]	`2024-02-18` - `2025-03-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://290cq.com/
Frame ID: 3226FF18A6BF7AE58C736904348B1712
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

传奇手游，新开传奇私服手游发布网址，三职业沉默，火龙，迷失，仙剑，嘟嘟，神器版本，单职业发布网站 - 我爱百度www.fz915.com -开服网

Page URL History Show full URLs

http://290cq.com/ HTTP 307
https://290cq.com/ HTTP 307
http://290cq.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

21 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

640 kB
Transfer

729 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://288dnf.com/
Title: 警告：本站严厉打击劫持丶赌博丶色情丶等违法广告! 一经发现立即删除并提交相关部门处理举报邮箱:sifaju234@foxmail.com

Search URL Search Domain Scan URL

URL: http://www.288dnf.com/
Title: 🔴广告联系QQ：123456 ☆☆☆☆☆ 🔴

Search URL Search Domain Scan URL

URL: https://wwd.lanzouj.com/ibTWo270rp1i
Title: 仙剑冥域传说

Search URL Search Domain Scan URL

URL: http://h5-share87.huaihugame.com/ldy?param=327-10016748
Title: ⛔迷失世界⛔

Search URL Search Domain Scan URL

URL: http://h5-share87.huaihugame.com/ldy?param=333-10016748
Title: 仙剑情缘2.8

Search URL Search Domain Scan URL

URL: http://h5-quwan.ezjld.com/ldy?param=316-10016415
Title: 1.85无限刀

Search URL Search Domain Scan URL

URL: http://h5-share87.huaihugame.com/ldy?param=334-10016748
Title: 🔥刺杀沉默🔥

Search URL Search Domain Scan URL

URL: http://h5-share87.huaihugame.com/ldy?param=328-10016748
Title: ██扛把子超变██

Search URL Search Domain Scan URL

URL: http://h5-share87.huaihugame.com/ldy?param=324-10016748
Title: 🔴主宰沉默🔴

Search URL Search Domain Scan URL

URL: http://h5-share87.huaihugame.com/ldy?param=313-10016748
Title: 💖💖魔神攻速

Search URL Search Domain Scan URL

URL: http://www.51cr.com/view.php?sid=29808

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://290cq.com/ HTTP 307
https://290cq.com/ HTTP 307
http://290cq.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.51cr.com/d.php?id=29808 HTTP 301
https://www.51cr.com/d.php?id=29808

Request Chain 15

http://www.51cr.com/d.php?id=29808&e=&f= HTTP 301
https://www.51cr.com/d.php?id=29808&e=&f=

Request Chain 16

http://www.51cr.com/img/ico.gif HTTP 301
https://www.51cr.com/img/ico.gif

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
290cq.com/
Redirect Chain

http://290cq.com/
https://290cq.com/
http://290cq.com/

30 KB
6 KB

286ms
272ms

Document
text/html

185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / PHP/5.6.40 ASP.NET
Resource Hash: f83351ebfd42450c5642c33ca2f7f0277eab75a9691a30ee6d530f582c6e31d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Length: 6405
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Aug 2024 02:15:31 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40 ASP.NET

Redirect headers

Location: http://290cq.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style.css
290cq.com/images/ 2 KB
1 KB 208ms
207ms Stylesheet
text/css 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL: http://290cq.com/images/style.css
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: adceba1342c1d81f2940948620480a80d3b2ad226ec61e5b6653092968f737c9

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jan 2024 06:36:06 GMT
Server: Microsoft-IIS/8.5
ETag: "d31b2d1e7d47da1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 985

GET
H/1.1 200
OK jquery.js Show response
290cq.com/images/ 92 KB
41 KB 438ms
230ms Script
application/javascript 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL: http://290cq.com/images/jquery.js
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c335e5afb9fe6a9041e764d6b0919ef5dc67415b8746f8e0daf3ccc8ffea7d9f

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2024 16:22:34 GMT
Server: Microsoft-IIS/8.5
ETag: "0c1fd61aa44da1:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 42005

GET
H/1.1

200
OK

d.php Show response
www.51cr.com/
Redirect Chain

http://www.51cr.com/d.php?id=29808
https://www.51cr.com/d.php?id=29808

462 B
670 B

1257ms
227ms

Script
text/html

123.129.217.117
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.51cr.com/d.php?id=29808
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 123.129.217.117 Dongying, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.16.1 / PHP/5.6.31
Resource Hash: 316710f3ec37343d15a689752e01130c1fca42e3811288b82d19d89f3e11b462

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:17:56 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://www.51cr.com/d.php?id=29808
Date: Fri, 16 Aug 2024 02:17:54 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 200
OK fen.gif
290cq.com/images/ 2 KB
2 KB 202ms
202ms Image
image/gif 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/fen.gif
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 57da5aa9aba4a045c6d05fca0bca7ecaf14716d7e7afdee597aa26948df2f66b

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Sat, 13 Jan 2024 19:06:31 GMT
Server: Microsoft-IIS/8.5
ETag: "c1f9b69e5346da1:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1925

GET
H/1.1 200
OK red.gif
290cq.com/images/ 416 B
662 B 401ms
199ms Image
image/gif 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/red.gif
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f4d684b2dde3fd320c53257bb9af6c8135226b880ccebb2da3345d1d39300875

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Sat, 13 Jan 2024 09:11:17 GMT
Server: Microsoft-IIS/8.5
ETag: "16b93077046da1:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 416

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 673ms
270ms Script
application/javascript 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?7d8cb30e1418788dedb6b53fca5b7c07

Requested by

Host: 290cq.com
URL: http://290cq.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

7a642a8a11cec72cffb7ff1f236a60d189df718c1101f9ef375b5359836778ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:18 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 85ced08bb5246890fcbf6f1caffb1085
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11289

GET
H/1.1 200
OK bg.jpg
290cq.com/images/ 389 KB
389 KB 415ms
209ms Image
image/jpeg 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/bg.jpg
Requested by: Host: 290cq.com
URL: http://290cq.com/images/style.css
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8a967532c2d4c452504ccfc03ca6c884421eb61192fe0822aa25f1b88c39c8a3

Request headers

Referer: http://290cq.com/images/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Sat, 13 Jan 2024 18:45:29 GMT
Server: Microsoft-IIS/8.5
ETag: "4afb3fae5046da1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 398480

GET
H/1.1 200
OK header.gif
290cq.com/images/ 164 KB
165 KB 433ms
223ms Image
image/gif 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/header.gif
Requested by: Host: 290cq.com
URL: http://290cq.com/images/style.css
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1d79f28d74dc79af82b56ec55a4e28bc4276deecf8efff262145d83d18bef2ff

Request headers

Referer: http://290cq.com/images/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Wed, 14 Aug 2024 01:52:20 GMT
Server: Microsoft-IIS/8.5
ETag: "26635a99ecedda1:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 168371

GET
H/1.1 200
OK so.png
290cq.com/images/ 6 KB
6 KB 597ms
199ms Image
image/png 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/so.png
Requested by: Host: 290cq.com
URL: http://290cq.com/images/style.css
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3936337615e8eb13990b7e4d2ba37bc32e37d19af0841e947b320e047a61b3e9

Request headers

Referer: http://290cq.com/images/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Thu, 11 Jan 2024 16:22:34 GMT
Server: Microsoft-IIS/8.5
ETag: "0c1fd61aa44da1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6338

GET
H/1.1 200
OK dl.png
290cq.com/images/ 10 KB
10 KB 360ms
200ms Image
image/png 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/dl.png
Requested by: Host: 290cq.com
URL: http://290cq.com/images/style.css
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e40c0ff407023f4e8a465a5c3fafc3494365aa76fdf53a16ab6746ac08551f1b

Request headers

Referer: http://290cq.com/images/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Thu, 11 Jan 2024 16:22:34 GMT
Server: Microsoft-IIS/8.5
ETag: "0c1fd61aa44da1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10082

GET
H/1.1 200
OK th_bg.jpg
290cq.com/images/ 512 B
760 B 361ms
198ms Image
image/jpeg 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://290cq.com/images/th_bg.jpg
Requested by: Host: 290cq.com
URL: http://290cq.com/images/style.css
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 137c9a176c75e14f87e47b173bc5c4e74085b98ec55f8d33ece822798baeb4e9

Request headers

Referer: http://290cq.com/images/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:31 GMT
Last-Modified: Sat, 13 Jan 2024 15:07:00 GMT
Server: Microsoft-IIS/8.5
ETag: "2115be283246da1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 512

GET
H2 200 11.0.1.js Show response
jspassport.ssl.qhimg.com/ 106 B
480 B 1043ms
11ms Script
application/x-javascript 2600:9000:223d:5e00:0:e2b1:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5e00:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 16 Aug 2024 02:06:58 GMT
via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;REVALIDATED from w-sc01.lato
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
x-amz-cf-pop: FRA56-P3
age: 503
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: s-maxage=600, max-age=600
x-amz-cf-id: CFFwk8CK3WDlsw3O-4Y6rzIDLsD-a8-kJL9WZb7EtjFS485i5Tg_7g==
expires: Fri, 16 Aug 2024 02:16:56 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 291ms
290ms Image
image/gif 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=43AB331EB22E2473&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=868633546&si=7d8cb30e1418788dedb6b53fca5b7c07&v=1.3.2&lv=1&sn=7414&r=0&ww=1600&u=http%3A%2F%2F290cq.com%2F&tt=%E4%BC%A0%E5%A5%87%E6%89%8B%E6%B8%B8%EF%BC%8C%E6%96%B0%E5%BC%80%E4%BC%A0%E5%A5%87%E7%A7%81%E6%9C%8D%E6%89%8B%E6%B8%B8%E5%8F%91%E5%B8%83%E7%BD%91%E5%9D%80%EF%BC%8C%E4%B8%89%E8%81%8C%E4%B8%9A%E6%B2%89%E9%BB%98%EF%BC%8C%E7%81%AB%E9%BE%99%EF%BC%8C%E8%BF%B7%E5%A4%B1%EF%BC%8C%E4%BB%99%E5%89%91%EF%BC%8C%E5%98%9F%E5%98%9F%EF%BC%8C%E7%A5%9E%E5%99%A8%E7%89%88%E6%9C%AC%EF%BC%8C%E5%8D%95%E8%81%8C%E4%B8%9A%E5%8F%91%E5%B8%83%E7%BD%91%E7%AB%99%20-%20%E6%88%91%E7%88%B1%E7%99%BE%E5%BA%A6www.fz915.com%20-%E5%BC%80%E6%9C%8D%E7%BD%91

Requested by

Host: 290cq.com
URL: http://290cq.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Aug 2024 02:15:19 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
943 B 1137ms
17ms Script
application/javascript 2600:9000:2724:f400:12:30a1:de00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f400:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 29 Jul 2024 00:06:14 GMT
via: 1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P12
age: 1562946
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5ea522c52117c396"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=315360000, max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: 0ytF3z_of-YIfbHyklRdvajq7I_tcfkH4Imxy5fkTUoq7gmmvyg58A==
expires: Thu, 27 Jul 2034 00:06:14 GMT

GET
H/1.1 200
OK zz.gif
s.360.cn/so/ 0
240 B 1038ms
213ms Image
image/gif 171.8.167.89
CHINATELECOM-HENA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.360.cn/so/zz.gif?url=http%3A%2F%2F290cq.com%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1m8o2cb.3qfc2089522/5/f:2pdtbt
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 171.8.167.89 Zhengzhou, China, ASN137687 (CHINATELECOM-HENAN-LUOYANG-IDC Luoyang, Henan Province, P.R.China., CN),
Reverse DNS: 8.171.broad.ha.dynamic.163data.com.cn
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:21 GMT
Last-Modified: Tue, 23 Jul 2019 07:36:19 GMT
Server: openresty/1.15.8.2
ETag: "5d36b8f3-0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1

200
OK

d.php Show response
www.51cr.com/
Redirect Chain

http://www.51cr.com/d.php?id=29808&e=&f=
https://www.51cr.com/d.php?id=29808&e=&f=

0
201 B

174ms
174ms

Script
text/html

123.129.217.117
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.51cr.com/d.php?id=29808&e=&f=
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 123.129.217.117 Dongying, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.16.1 / PHP/5.6.31
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:17:57 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Location: https://www.51cr.com/d.php?id=29808&e=&f=
Date: Fri, 16 Aug 2024 02:17:57 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

ico.gif
www.51cr.com/img/
Redirect Chain

http://www.51cr.com/img/ico.gif
https://www.51cr.com/img/ico.gif

522 B
760 B

343ms
167ms

Image
image/gif

123.129.217.117
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.51cr.com/img/ico.gif
Requested by: Host: 290cq.com
URL: http://290cq.com/
Protocol: HTTP/1.1
Server: 123.129.217.117 Dongying, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7a52ebd8da466ecd75ed64afb07c741a24a9d425f69bdc95c6012f91c6dfa8a0

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:17:57 GMT
Last-Modified: Thu, 31 Aug 2023 09:10:54 GMT
Server: nginx/1.16.1
ETag: "64f0591e-20a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 522

Redirect headers

Location: https://www.51cr.com/img/ico.gif
Date: Fri, 16 Aug 2024 02:17:57 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 404
Not Found favicon.ico
290cq.com/ 1 KB
1 KB 211ms
211ms Other
text/html 185.239.86.74
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL: http://290cq.com/favicon.ico
Protocol: HTTP/1.1
Server: 185.239.86.74 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: visit.keznews.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Referer: http://290cq.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 02:15:35 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1163
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 08:25:34	Name: HMACCOUNT_BFESS Value: 43AB331EB22E2473
.290cq.com/	1970-01-21 07:35:10	Name: Hm_lvt_7d8cb30e1418788dedb6b53fca5b7c07 Value: 1723774519
.290cq.com/	1969-12-31 23:59:59	Name: Hm_lpvt_7d8cb30e1418788dedb6b53fca5b7c07 Value: 1723774519
.290cq.com/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 43AB331EB22E2473

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://290cq.com/(Line 220) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://290cq.com/(Line 220) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://290cq.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

290cq.com
hm.baidu.com
jspassport.ssl.qhimg.com
s.360.cn
s.ssl.qhres2.com
www.51cr.com
123.129.217.117
14.215.182.140
171.8.167.89
185.239.86.74
2600:9000:223d:5e00:0:e2b1:a380:93a1
2600:9000:2724:f400:12:30a1:de00:93a1
137c9a176c75e14f87e47b173bc5c4e74085b98ec55f8d33ece822798baeb4e9
1d79f28d74dc79af82b56ec55a4e28bc4276deecf8efff262145d83d18bef2ff
316710f3ec37343d15a689752e01130c1fca42e3811288b82d19d89f3e11b462
3936337615e8eb13990b7e4d2ba37bc32e37d19af0841e947b320e047a61b3e9
57da5aa9aba4a045c6d05fca0bca7ecaf14716d7e7afdee597aa26948df2f66b
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
7a52ebd8da466ecd75ed64afb07c741a24a9d425f69bdc95c6012f91c6dfa8a0
7a642a8a11cec72cffb7ff1f236a60d189df718c1101f9ef375b5359836778ed
8a967532c2d4c452504ccfc03ca6c884421eb61192fe0822aa25f1b88c39c8a3
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
adceba1342c1d81f2940948620480a80d3b2ad226ec61e5b6653092968f737c9
c335e5afb9fe6a9041e764d6b0919ef5dc67415b8746f8e0daf3ccc8ffea7d9f
c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c0ff407023f4e8a465a5c3fafc3494365aa76fdf53a16ab6746ac08551f1b
f4d684b2dde3fd320c53257bb9af6c8135226b880ccebb2da3345d1d39300875
f83351ebfd42450c5642c33ca2f7f0277eab75a9691a30ee6d530f582c6e31d6

290cq.com Open in urlscan Pro 185.239.86.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

21 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

640 kBTransfer

729 kBSize

4 Cookies

11 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

4 Cookies

5 Console Messages

Indicators

290cq.com Open in urlscan Pro
185.239.86.74 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

21 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

640 kB
Transfer

729 kB
Size

4
Cookies

19 HTTP transactions
0 data transactions